<?php
include '../login/db_connect.php';
include '../login/functions.php';
sec_session_start ();

if (isset ( $_COOKIE ['login_string'] )) {
	$login_string = $_COOKIE ['login_string'];
	$username = $_COOKIE ['username'];
	$user_id = $_COOKIE ['user_id'];

	$_SESSION ['user_id'] = $user_id;
	$_SESSION ['login_string'] = $login_string;
	$_SESSION ['username'] = $username;
	
}
if (login_check ( $mysqli ) == true) {
	
	$datafinale=$_POST['datafinale'];
	$data_ora=$datafinale.":00";
	
	
	$forn=$_POST['venditore'];
	$comment=$_POST['commento'];
	$query_ordine ="INSERT INTO `orders` (`id_order`, `in_date`, `fin_date`, `vendor`, `amount_temp`, `amount_real`, `active`, `confermato`, `pagato`, `tesoriere`, `commento`) VALUES (NULL, CURRENT_TIMESTAMP, '".$data_ora."', '".$forn."', '0', '-1', '1', '0', '0', '0', '".$comment."')";
	if ($result = $mysqli->query ( $query_ordine)) {

		$evento="CREATE EVENT attiva".$forn." ON SCHEDULE AT '".$data_ora."' DO UPDATE orders SET active='0' WHERE vendor='".$forn."' AND active='1'";
		if ($res = $mysqli->query ( $evento)) {
			header("Location: neworder.php");
		}
	}
	
}

?>